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This Reply is responsive to the Office Action 5 of September 5, 2007. No claims 

are amended, added or canceled. Claims 1, 5, 9, 14 and 22 are in independent form. 
Claims 7, 13 and 23 were previously canceled without prejudice or disclaimer. Thus, 
claims 1-6, 8-12 and 14-22 remain pending 

Claims 1-6 and 8-12 and 14-22 are rejected under 35 U S 0. S ! 03(a) as being un- 
patentable o\er newly -cited Mi near et a! (U.S Patent No. 5. 08:!, 350: hereinafter 
"Minear") and further in view of newh -cited Mason et al (V S> Parent No. 5.668.90$ 
hereinafter "Mason"). The rejection is respectfully traversed because M in ear in view of 
Mason do not disclose or suggest all elements of all pending claims, for at least the 
following reasons. 

Mi near discloses a system and method for regulating the flow of messages 
thtough a iuev\all haung a netwoik piotouol stack which hk hides an Internet Ptotoeoi 
(11*) lavtt >\n incoming message ft e , a 'datagram ) to die IP las ex u e , 'the I euief } is 
examined to determine if it ts cnci\ pteu if not encrx pttd, tht message is passed up the 
st ick to an application level psow If the message ts enet\ pted it is tit st decrx pled at the 
IP las ei and then passed up the sukL to the ptow Dcu \ pttng the message ts 
accomplished In evecutinu a puvess in i!k IP Una f Mimas, Abstsact) 

Consider, for example, claim I : 

In a node opoatne wuhsn a netwoik oi a piuralm of nodes a method for 
pcttoimma enptogiaphte-related functions, computing 



1 Ik OfJue ^fioii umtam \ tmnttxi of submenu ch it telut'mu the eueci teteiUKx 1 - Jtiet/ot the 
d.imis uhk.ii \ppiK;niti> m<i\ i»n (.\jmcss1s tduitih huun Rt.^<iidkss ot Aliethu oi not <m\ smJt 
statement is uiuititiui huun tints do not .mtonuneaih siihsutbeto ot necjtiies^ m ,m% si!..!} 
statement 
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executing an dppkcation progiam m a user space at the node 

recetsrnu an input iequmng enptogiaphrc-telated pioeessmg. 

genetatmg a message ua the application ptogram based on the input, the message 
repiesermng one of a predefined set of messages fo; pioeessmg b\ one of a plurahts of 
cisptosnaphie processus components located in a kernel spate within the node, each one 
of said messages being associated \Mth a lespecttve one of sasd usptouiaphic-r elated 
functions; 

transmitting the message to vine of a socket handle! and a call handle! m kernel 
.space at the node to obtain a transmitted message, 

foi wauling the uansmuted message to a iequest handler at the node which 
generates a function call to the cr\ ptogtaphic piocessmg component appsopnatc lor the 
tiansmitted message, and 

pet Conning the eiypiogtaphie-i elated piocessmg b\ the cs\ pLugraphie processing 
component appiopnate for the tiansmitted message 

The Office Action reads fuewali IN on the tecited network "node ' h\ apphmg 

\hneai col 5 hnes i4-5?> to Applicants' recited 'executing an application ptogiam in a 

usei space at the node " {() \ pg>) I he Office Vction also ptesumabh tends the 

message coming nf on Applicants recited v mpnf tequinng cs\ pto processing, such 

message being included m Mincat col 0 hnes 1 ^-27 which is applied against 

Applicants recited ' reeetsmu an input iequiunii cr\ ptomaphjc-telated pioeessmu 

{0 A pg i ) I he ' message cotnmg in 1 " is also icterred to m Mmeai as a v datauiam' (w, 

e g , col 4. line 47) \\jfh the fotegomy tn mind eonsidei Xpphcants' message generating 

step 

The Office Action (pg 3) alleges that the following sections of 'Mi near read on 

Applicants' message generating step: 

aii SADB Master copy 52 is maintained in persistent memory at application layer 
48 while a copy 54 of SADB is maintained i n volatile memory within the kernel. 
(Mi near, col. 6, lines 7-9) 
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I his section lefeiung to hg 2 m \imear merels discusses the maintenance of a 
Seeituts Association Data Base (SADBDnastei cops jn the application la\ei 4!< while a 
woikutg cops ot'S \DB lit maintained m the !P kernel lasei 

In the embodiment shown m HO 2, a wotUna cops 54 of the Secunts 
\ssouatiou Database consisting of all current! s actise S Ys i<; kept iessdent in 
memois foi reads access hs IP lasei processing as datagsams are teeeised and 
tiansmitted In addition, a woikmu mastet cops 52 ot the S U>B is maintained m 
a file in nons olatile memois Duung ss stem startup and initialisation piocessmg 
the eontem of ail of the required S A's m master SADB 52 is added to the woskmg 
cops 54 stored in kernel memoiv {Mmeai, col t\ Sines i3-4u. emphasis added) 

f his sccuon sass that S U>B 5 t in the IP lasei is kept icads for processing as 

input datagsams are tecei\ ed and tsansmitted Further, although a wotkmg mastet cops 

52 of that V\DB is in the application Lnei the content of database 54 is initialized at 

startup initialisation, not "based on the input" as claimed \kneo\ei all cm tenth active 

SA's ate processed in the kerne! {IPj iases sxhieh does not appeal to h,n e ans hearing on 

Applicants message genetatiug step hich generates a message ' \ id the application 

proyi am in the use; laser If am tinny, tins section iefei<; to processing in the kernel (11*) 

laser, not in the usei (application* laser 

hi one embodiment, a flag which aeeompanres the message as u is seni ftom IP 
laser 44 to proxs 5p indicates whethei the incoming message was or was not 
encrspted in auothei embodiment proxs ^0 accesses Secui its \ssociauon 
Database M (the table in the kerne! can be queried sia an S\DR touting socket 
(Pf -SA.DB0 to deteimmc xs hetltei oi not a sccutfts association exists tut a giscn 
peei llie S VDIi socket much like a routing socket tound in the stock BSD 4 4 
kernel (ptotocol famih PF-ROtTO except thai PF-SADB sockets ate used to 
maintain the Secunts -Association Database (S ADB> instead of the uniting table 
Because the pm ate kes s tised tor cnus ption deci s ptton and kes ed 
authentication are stoied in this table, access must be stnetis prohibited and 
allowed to onk admr ni stratus s and kes management daemons Cue must be taken 
when allowing user-lesel daemons access to ''dev-'mem or des kmem as we!!, 
since the kess are stoied in kernel memors and could be exposed with some 
cieatise hacking fXhneai co! ~" lines 2 t~4l>) 
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] his section discusses fun embodiments in one embodiment a flag is sent horn 
the kettle! (IP) iasei to ptuw ?(.• in user space. This embodiment cannot lead on 
' getieiatmg a message \ 1a the application ptogiam ' as lectted in claim 1 because the 
flag is onatnated tn the IP kernel and not tn the application piogiam in usei space In the 
other embodiment prow sO m uses space accesses S ADB ^4 tn ketnei space to 
determine \l a secnnt\ association exists ioi a gi\eu pee? " A "gi\en pee; * is 
tefened to m Mmeai as i elating to Ol FPt T . not input Foi example, 1 1 he peei SPI - 
1 he SPI \ alue to put on a IPSJrO datagram on output i he peei IP addiess - f he 
iL'sttf union IP address to be put into the packet headei tt 1PSPC Tunnel mode is used 
(Mmeai. column 4 lines J 6-1°, emphasis added) Thetefote, the other embodiment m 
tins section teaches that something mav be generated b\ prow m> id uset space to 
deteimme if an S\ exists based on an output Accoidmgh the othet embodiment of this 
section a!so cannot icad on \pphcants" sect ted getieiatmg step v\i«eli is based on an 
input 

Indeed tot at least these tcasons, this section of Mineat docs not read on 
"genet a.tmg a message \ia the application piogiam based on the input, the message 
repieseufuig one of a predefined set of mewiges foi piocessmg b\ one oi a piuialits of 
ctsptotiiaphic processing components located tn a kernel space within the node each one 
of said messages being associated uith a tespeune one of said ervpiogtaphtc-r elated 
functions" as recited in claim .1. 

In addition these thiee sections do not read on \ppl teams lecited generating step 
because thes aKo do not disclose ot suggest that Mineat s cxptcsseu message (ot am 
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implied message that max be contained thcieini icpiesents one of a piedefmed set of 
messages Applicants' iccttcd message is genetated in user space \ la the application 
piogiam and is thereafter processed m kernel space In a cr\ piogiaphic component Pins 
is discussed in Applicants specification, at least at pys U- i ? '1 heie is no leaching m 
these sections foi anv place else tn Mtneai ) of a message ftom a ptcdcfincd set of mtcr- 
piotoeoi-le\ el messages being sent from user space to kernel space m Mmeai Theiefoie, 
Mineai does not disclose oi suggest 'generating a message \ sa the application progiam 
based on the input, the message representing one of a pjedetmed set ot messages for 
processing b\ one of a pluulm of cryptographic ptoccssmg components located m a 
kernel space uithm the node, each one of said messages being associated 'with a 
jespeetne one of said cn ptogiaphjc-reiated functions" as recited in claim 1 

Since Applicants message ^eneiatmg step m claim 1 is not disclosed oi 
suggested b\ Mmeai claim 1 itself is not disclosed ot suggested b\ Mmear Mason 
cited to teach a call handle* , does not eme this defictenes m Mtneai Based on MP LP 
2 143 Uieietoie, a puma facie case of obwousness has not been established against claim 
1 on the basis on \hncai in \ie\s of Mason U'coidmgh the ,>s 1 S C ^ 10><a) 
rejeeiion of claim 1 as being un-patenUihie o\ ei Mmear and Unifier in\ieu of Mason 
should be \ulhdia\sn and the claim allowed 

Dependent claims 2-4, dependent from claim i, are also allowable at least for 
reasons based on then iespeeti\e dependencies from allowable base claim 1 

Turning next to claim 14, it recites, i literals a: "generating in said node a 
predefined message based on the input, the message representing one of a plurality of 
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predefined messages usable by a cryptographic processing program executed by one of a 
plurality of cryptographic processing components in kerne! space, each one of said 
messages being associated with a respective one of said cryptographic-related functions " 
The Office Action cites the same sections in Minear against this generating step as it 
cited against the generating step of claim 1 . Therefore, claim 14 is likewise allowable for 
reasons given above with respect to claim I 

Dependent claims 1 5-21. dependent from claim 14, are also allowable, at least for 
reasons based on their respective dependencies, directly or indirectly, from an allowable 
base claim. 



\e\t considei claim 5 The 01 Ike \uion utes Mmeai col Ojmes H-27 and 
col ] I, lines a(> -a } as allegedix tcadmg on 'iccei\ my an input representing one of 
predefined messages ' (O A pg 6) Applicants tespeetfulh disdgtee These sections are 
reproduced: 

Pro\s ^0 examines the source and destination addiesses and the tvpe of sen ice 
desned and decides whether authentication uf the sendet ts w attained If so pmw 
">0 initiates an authentication protocol The protocol nun be as simple as 
requesting a uses name and password or d ma\ include a chalknue/response 
autbenttcdtton process Piow 5() also looks to see whethei die message coming m 
was enenpted or not and max factor that tnto whethei a particuias tvpe of 
authentication ts needed In lei net for instance usei name/password 
authentication nun be sufficient lot an f-FL link while the securit\ pohc\ max 
dtctate that a mose stringent challenge response piotocol is needed for 
tinencn pted links in that case pum ^0 will be d leluut pio\s and ti will base Us 
autbenttcdtton protocol on whethei the hnk was enci spied oi not (Mmeas col 6 
lines I ?-27, emphasis added) 



This section does not disclose or suggest an input representing one of the predefined 
messages. To begin with, predefined messages are not disclosed or suggested. The only 
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"mcs»age 1 ' mentioned us the "message coming in * which is the datagram mput 'I hat 
message ts the one bemy examined m the IP ia\et (Fig 2) to detefmme whether <n not Jt 
is enenpfed as discussed edihei because it is an unknown upon dtmal fhueloie thai 
datatuam is nut a piedeilncd message - it is unknown and thescfoic an undefined 

message. 

There is nothing else in this section that can be reasonably interpreted as an input 
allegedly representing one of predefined messages. The initiation of the authentication 
protocol by proxy 50 does not imply predefined messages because that initiation requests 
a user name and password, and it may include a challenge response, \vjth.res|?.exiMa.n 
t^amjned.^ Therefore, any such request or 

challenge is inherently not a predefined message because the message ts sent to the 
instant datagram source or destination address that was just examined That datagram 
address J .s„fi.desyiiabon addj;ess 

D.t^i s .agej..ca nn of Jye„ defin ed ^ C 1 ea ri y . every m essage ha s 

at least a destination and content A message is predefined when at least its destination 
and content are both predefined. Message content alone is insufficient to define a 
message Without a destination to receive the message, content, by itself, has little or no 
meaning, is not a complete message and is, therefore, not a predefined message. If the 
Examiner persists in this rejection. Applicants respectfully request that the Examiner 
point to precisely the language being interpreted as the alleged predefined messages. 

10. When a dynamic entry- is found by a SPi search, the current datagram's SRC 
address, which is required to ensure that the return datagrams are properly 
encrypted, will be recorded in the SA only after the AH checking has passed 
successfully. (This is because if the address is recorded before AH passes then an 
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attacler can cause return packets of an outgoing connection to be transmitted ut 
the clear ) (Mfneai col U hues 20-V>j 



Applicant cannot discern anything in this section which relates to receiving an input 

representing one of predefined messages. Again, there are no predefined messages 

disclosed or suggested. If the Examiner persists in this rejection. Applicants respectfully 

request that the Examiner point to precisely the language being interpreted as the alleged 

predefined messages The above two sections, taken together do not disclose or suggest 

"receiving an input representing one of the predefined messages" as recited in claim 5. 

Next, consider Applicants' transmitting step, against which the Office Action 

cites Mi near, col 1 i , line 54 to col. 1 2, line 1 2 (O A. pg 6). 

In one embodiment, crypto engine interface 80 is a utility which provides a 
consistent interface between d re software ^ As 
shown in FIG. 4, in one such embodiment interface 80 only supports the use of 
the use of hardware cryptographic engine 84 for 1PSEC ESP processing. The 
significant design issue that interface 80 must deal with is that use of a hardware 
encryption engine requires that the processing be down [done] in disjoint steps 
operating in different interrupt contexts as engine 84 completes the various 
processing steps. 

The n. quired mioi matron is stored m a tequesf structure that is bound to the IP 
datagi am being puvcvseu 1 he request is of ts pc cr\ pto sub -- request sub - t 
j ins structme is quite iaiiie and definiteK docs not contain a minimum state set 

in addition to the definition of the request data structme, this software 
implementing mteiiacc Ko provides two functions which isolate the decision oi 
wind) crvptoguphic engine to use 1 he u\ pt sub - des sub — enci\ pt fununw is 
tot use bv the LP output processing to encrypt a datagi am 1 he us pt sub — 
des sub — deci\ pt tuneium is Lot use In the IP mpui piocessing to deu\pi a 
datagram If hardware encrsptron engme 8 1 js present and other hardware usage 
uiteua are met the request is enqueued on u hardware processing queue and a 
return code indicating that the cryptographic processing is in progress is ieturned 
If software engine 82 is used the return code indicates that the er\ ptogiaphie 
piocessmg is complete (Mmeaj coi 11 line 54 -col 12Jme \2 emphasis 
added) 
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fins been <>n is largeh a discussion about the datagsam and etictvptma and deenptmg 
il \ppltc<ints cannot discern its teles ance to the claimed transmitting to <i crsptogtaphic 
ptocessmg module a function call based on an input iepiesentmg one of a piuiahts of 
predefined messages, the function call requesting eisptoguphie processing and beum 
executed b\ the ptoecssof in usei space in fact, this section teaches, the ie\eise 

Tins section teaches that interlace So {located m kernel space - Mmeai Fm 4} 
implements two functions lot use b\ IP output and LP input pioeessmg in uset space 
I his function How in Mmeai ts Dotn kernel space to use! .space I his is the re\eise 
directum of message flow when compared ro the direction of Vpplscanis' direction of 
messages from user space to kernel space Therefore this seuion mas relate to 
cis ptoaiaphie pioeessmg but it docs not disclose oj suggest instructions which, 
when executed In a proccssoi m a uses space, cause said ptoccssor to petfotm a method 
eompnsmg ttdnsmitting, based on the mput, a function call teptesenting a request 
for cryptographic-related processing to a cryptographic processing module executed by 
the processor" as recited in claim 5. 

In addition although the teim ' ke\" is mentioned m Mmeai rhcie is no 
dtsenssion m Vlmear of a public ke\ authentication miiastiuetme ( PK. \\) pet se PkAl 
does not appear in Minear rheteibte all of the limitations tecited m claim ^ which 
include a left-tcnce 10 PK. \I aie not disclosed 01 suggested b\ Mmeai In othei words 
the teceis mg transmitting and pertoimmg steps, which are limited to being implemented 
In PKAI are not disclosed or suggested In Mmeai ioi this additional leason 

Foi ans or all of the abose reasons, the limitations discussed abo\e m Ypplicants' 
claim ^ are not disclosed 01 suggested In Mmeai Mason, cited to teach a call handlet. 
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does not cliic tins deficiency in Miuear Based on MPfcP 214i, theiefoie, a puma facie 
case oj olwiousticss has not been established against claim ^ on the basts on Minea? in 
v tew of Mason -VccoidmgK the >s 5 SC s 103(a) icjettion oi claim ^ as bung un- 
patentable oser Mmeai and further in ^ lew of Mason should Ik wifhdiawn and the J ami 
allowed. 

Dependent claims ^ and S dependent from claim <\ are also allowable at least fot 
reasons based on then iespeeti\e dependencies from allowable base claim ^ 



Next turning to independent claim u this claim is allowable for reasons stmslai 

to those gixen abo\e Clatm 0 tecites itnent/iu l \\ memots configured to stote <i 

plurality of en ptographie processing piogiams tn uses space on a computer-readable 

medium each piogram being invoked \ ta one of a plurality of predefined messages * 

The Office \etion ctfes Mmeai, col \ lines ">4-s> and col o, lines 7-12 against this 

limitation (OA pg i >) These sections aie reproduced 

in a Astern such as system iO application level gatewav fuewall IS acts as a 
bufYei between unprotected network In and vsotkstations such as workstation 20 
Messages coming fiom unpiotected netwoik 1 o ate reviewed and a determination 
is made as to whether execution of an authentication and identification protocol is 
warranted In eonttast to ptevtous sv stems s\ stem Hi also peifonus tins same 
determination on IPSbC-enaxptcd messages if desued the same authentication 
and identification can be made on messages to be tiansfeued itom wotLstation 20 
to unprotected netw otk 1<> FIG 2 illusttates one wax of authenticating both 
encrypted and unencrypted messages in a s\ stem such as s\ stem It) 
tn the s\ stem of 1 Ki 2 a network protocol stack 40 includes a ph\ sical layer 42 
an Internet piotoe-ol (TP) layei 1 1 a Ttanspon layer 4o and an application laser 
48 Such a piotoeol stack exists foi instance on application le^ei gateway fueuaii 
IS of FIG 1 An application executing m application laser 4>! can communicate 
to an application executing on anothei sy stent by preparing a message and 
transmitting it thtough one of the existing ttansport sen tees executing, on 
tianspOit layer 4o (Mmear, ( ol lines > }~sS\ emphasis added) 
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The only messages discussed in this section are those which are equivalent to the 
datagram. These messages are not the predefined messages that invoke user-space stored 
programs of claim 9. Predefined messages are not disclosed or suggested in this section 
at a Si, much less the specific predefined messages recited in claim 9. if the Examiner 
persists in this rejection. Applicants respectfully request that the Examiner point to 
precisely the language being interpreted as the alleged predefined messages. 

In the embodiment shown in FIG. 2. an SADB Master copy 52 is maintained in 
persistent memory at application layer 48 while a copy 54 of SADB is maintained 
in volatile memory within the kernel If the message is supposed to .be.eiicrypted^. 
the .mes.sjgeis.decrvpted.based on the algorithm and key associated with the 
particular SA and the message is transferred up through transport layer 46 to 
proxy 50. (Minear, col. 6. lines 6-1.3) 

Again, the only messages discussed in this section are those equivalent to the 
datagram, and they are transferred in the direction from IP layer "up through the transport 
layer" to user space, which is the reverse direction from the direction of Applicants' 
message if an incoming datagram is expected or supposed to be encrypted, it is first 
decrypted before it is forwarded or transferred to proxy 50 in the application layer. This 
explanation is not at all suggestive of a plurality of pt edefi ned messages which invoke 
programs that have been stored in user space Accordingly, these sections do not disclose 
or suggest' "a memory configured to store a plurality of cryptographic processing 
programs in user space on a computer-readable medium, each, program being invoked via 
one of a plurality of predefined messages"' as recited in claim 9. If the Examiner persists 
in this rejection, Applicants respectfully request that the Examiner point to precisely the 
language being interpreted as the alleged predefined messages. 
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in addition, "a processor configured to: generate one of the predefined messages 

based on the input" as recited in claim °- is not disclosed or suggested by the applied 

sections {col. 0, lines J 3-27 and col. 1 f lines 30-33}. 

Proxy 50 examines the source and destination addresses and the type of sen ice 
desired and decides whether authentication of the sender is warranted. If so. proxy 
50 initiates an authentication protocol. The protocol may be as simple as 
requesting a user name and password or it may include a challenge/response 
authentication process. Proxy 50 also looks to see whether the message ;.comjngJn 
was encrypted or not and may factor that into whether a particular type of 
authentication is needed. In Telnet, for instance., user name/password 
authentication may be sufficient for an FFE link while the security policy may 
dictate that a more stringent challenge-'' response protocol is needed for 
unencrypted links In that case., proxy 50 will be a Telnet proxy and it will base its 
authentication protocol on whether the link was encrypted or not. f Mi near, col. o, 
lines 13-27. emphasis added) 

This section does not disclose or suggest an input representing one of the predefined 
messages. To begin with, predefined messages are not disclosed or suggested. The only 
"message" mentioned is the '"message coining in" which is the datagram input. Thai- 
message is the one being examined in the IP layer (Fig, 2) to determine whether or not it 
is encrypted, as discussed earlier because it is an unknown upon arrival Therefore, that 
datagram is not a predefined message ~ it is unknown and, therefore, an undefined 
message. 

There is nothing else in this section that can be reasonably interpreted as an input 
allegedly representing one of predefined messages. The initiation of the authentication 
protocol by proxy 50 does not imply predefined messages because that initiation requests 
a user name and password, and it may include a challenge/response, with respect to an 
examined.data^ Therefore, any such request or 

challenge is inherently not a predefined message because the message is sent to the 
instant datagram source or destination address that was just examined. That datagram 
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address is a destination address foi the 'message" and that destination address {thus, the 

message j cannot be defined until the datagram was teecn ed ( ieaiK , e\ et\ message has 

at led st a destination and content \ message is predefined u hen at least its destination 

and content are both predefined Message content alone is msulfiaent to define a 

message \\ sthout a destination to iceeisc the message, content b\ itself, has little <>i no 

meamnu is not a complete message and is thei efoi e, not a pi edefiued message If the 

l\aminer pot si Ms m this rejection \ppheants lespeaiulh lequest that the I samtnet 

point to pjeciseiv the language being f met pitted as the alleged pjedetmed messages 

Considei the othei uted section 

10 \\ ben a d\ namie enti \ is found b\ a SP1 sedieh the current datagtam's SJU. 
addiess, winch i> lequued to ensure that the ictum datagiams are piopeds 
enenpted will he leeorded m the S \ onK after the \U cheeking has passed 
successfulK (This ts because tl the address is refolded betote \H passes then an 
attdi-kti can cause ictum packets of an outgoing connection to he transmitted in 
the deai ) (Mmeai col tl lines 29-3 ~>> 

1 hete are no predefined messages based on input disposed oi suggested m the 
above section It the I \ammei pet si Ms m this ie)ection, Applicants tespeafulK it-quest 
that the I \aimner point to pieciseK the language being trueiprefed as the alleged 
predefined messages. 

•Veconlmgh \lineai does not disclose oi suggest these limitations of claim ( > and, 
thetetote does not disclose oi suggest elaim ^ Mason, cited to teach <i call handlet does 
not cine this defieiencv in \bnedi Based on MPi-P 2 S-H theieloie, a puma facie ease of 
oh\ iousness has not been established against chum ^ on the basis on Mmeas in s Jew ol 
Mason Ateoidmah the>si, SC ^ lf)i{a) icjecnon of claim 0 as being un-patentable 
o\Cj Muuar and fmihu tn Mew of Mason should be withdrawn and the claim allowed 
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Dependent claim* 1 >-2 i , dependent fiom claim aie albo allowable, at least tot 
icasons based on their tcspecthe dependencies fiom allowable base daim *> 

luiiuna next to independent claim 22 it is allowable fo; reasons similar to those 
uiscn above f~Of example, the Offkc Action, pg \<\ cues Mmcai, coi <>, hnes I >-27 and 
eoi 1 I hues iO-"? > rfuamst the "receiving 1 step of claim 22 which calls for <) "predefined 
list oi function oils * I ins is die same cue used against the receiving ,step of claim ^ 
(see page io herein) bust as there sseie no 1 predefined messages ot claim ^ disclosed oi 
suggested bs these sections there is no predefined list of function tails" of claim 21 
disclosed os suggested b\ these sections Therefore, Ylmear does not disclose oi suggest 
receiving m the at least one processor a fust function cull fiom a piedefined list of 
function calls, the predefined list of function calls lcpicsentmy available crvptographtc- 
t elated funujons exeeut ihie bs the at least one piocessof ' as recited m claim 2 I If the 
\ \ammet persists in tins {ejection \pplt cants respectful l\ request that the i Xaminer 
point to pieuseh the language being interpreted as the alleged piedefined list of function 
calls. 

In addition, ■without the t edited ' fusl function call fiom a piedefined bst of 
function calls' there cannot be a lequest message based on a non-existent isrst function 
call I herdoR, "geneiatmg m the at kast one ptocessoi a lequest message based on the 
first function call, the request message representing a lequest fot processing bs a 
enptogr.jpiiK processing module executed bs the at least one processor" ss not disclosed 
or suggested by Minear. 
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!t follows, therefore, that w ithout the lequest message of the generating step the 
tiansmitung of a non-existent request message cannot take place Therefore, 

ttansmitting in ihe af teasf one processor the tequest message, to the ct\ ptoguphte 
processus module ' as reeded m dasm 2 J is not disclosed oj suggested b\ Mmear 
f-or an\ ot all <>i the above tcasons the limitations discussed above in Applicants daim 
21 ate not disclosed ot suggested b\ Mmcai 

Mason a ted to teach a call handler, does not cute tins dei!esene\ m Msnedi 
Based on WPiy 2 143 therefore, a puma faere case of ob\ untsness lias not been 
established against claim 2i on ihc basss on Mmedt m \ic\\ of Mason KceoidmgK the 
iM ' S O ^ 1 ( *><a> tciet-tton of Jaim 21 as being im~pateiitable o\es Mmeai and iusthet 
in \ie\\ of Mason should be withdiawn and the claim allowed 
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CONCLUSION 



\]\ rejections in the Office Action base been addressed it) \teu oj the foregoing 
renwnks teconxidetation and allowance oi tire pending claims are ie^pectkilh icqiiesled 

To the extent necessars a petition for an extension of time undo ^7 ( F R 
t i ki fs heieb) made Please chaige anv shortage in fees due in connection with the 
fihnu of tins paper including extension of time fees to Deposit Account 07-2 ^1 7 and 
please uedu am excess lees to such deposit account 



Date \o\ ember IS, 200" 
Verizon 

Patent Management (jtoup 
1^15 Courthouse Road, Suite 500 
Arlington \ A 222<» 1-2^00 
Tei W V> 

CI SIOMLRNO 25537 
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